[strongSwan] Failover on remote gateway

Emeric POUPON emeric.poupon at stormshield.eu
Fri Sep 12 10:22:40 CEST 2014


I've set up a site-to-site tunnel successfully.

Now I would like to specify another gateway address in case the first one fails to respond (same traffic selectors, but just a different "right" public IP).

With racoon we can use hook scripts in order to generate another set of Security Policies to do that, but I can't really see how it could be performed using strongswan.
Use "left|rightupdown" scripts and change the connection parameters using vici?

Maybe there are more efficient ways to do this (load-balancing...)?

Best Regards,

More information about the Users mailing list